<?php include "../../../config.php";?>
<?php include "../../coresection/checkUserSession.php";?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <?php include ROOT_PATH_.'front/m2/modules/head.php'; ?>
</head>
<body>


<?php


$user_mid      = $_POST['user_mid'];
$user_password = $_POST['user_password'];
$user_password = md5($user_password);


$table = "athlon_user";
$query = mysql_query("SELECT COUNT(nid) FROM $table where mid ='$user_mid'");
$sum = mysql_result($query, 0);

if($sum==0){
    echo "<script language='javascript'>alert('会员号错误或不存在！');location='/front/m2';</script>";
}else{
    $result = mysql_query("select * from $table where mid ='$user_mid'");

    while ($row = mysql_fetch_array($result)) {
        $user_name = $row['name'];
        $user_mid = $row['mid'];
        $user_term = $row['term'];
        $department = $row['department'];
        $balance = $row['balance'];
        $password = $row['password'];
        $quanxian = $row['quanxian'];
    }

    if ($user_password == $password) {
        session_start();
        $_SESSION['mid'] = $user_mid;
        $_SESSION['name'] = $user_name;
        $_SESSION['term'] = $user_term;
        $_SESSION['department'] = $department;
        $_SESSION['balance'] = $balance;
        $_SESSION['quanxian'] = $quanxian;
        $_SESSION['password'] = $password;



//管理员自动扔去后台
        if(
            ( $_SESSION['quanxian']=="caiwu") || ( $_SESSION['quanxian']=="chufang") || ( $_SESSION['quanxian']=="admin")
          )
        {
            echo "<script language='javascript'>location='/login';</script>";
        }


//普通用户去订餐
        echo "<script language='javascript'>location='/front/m2/order-list.php';</script>";



    } else {
        echo "<script language='javascript'>alert('密码错误！');location='/front/m2';</script>";
    }

}


?>
</body>
</html>